Continuing on IPExpert CCIE R&S BLS Video-on-Demand, by the way, very cool videos, tons of tips! So, today I choose to check RIP. For two particular reasons... First it´s pretty easy to understand, and we´re all facing it since CCNA days, and even with new features and tricks in the video, we´re probably able to get it fast, and second, I´m with a terrible headache, so I need something simple today! :D In fact, after finishing the video, my headache was over, maybe I was too stressed or something and that relieved me! Cool! Another good useful use to the BLS, everytime you´re stressed, just jump in, watch a couple videos, and you´ll feel more relaxed! lol! ;)
In fact, the lab exam only cares about have RIP version 2, so, keep in mind that, everytime they ask you to configure it, use the version 2, like this:
|router rip |
RIP is the simplest Routing Protocol we´re going to face in the exam (ODR doesn´t count!), and probably, just in the exam... Have anybody checked any RIP networks?! I haven´t so far!
There aren´t much things to play around, but, one of them are timers. If we ever need to change it, the "timers basic" command comes to the rescue! Also, there´s no rule saying that everybody needs to have the same timers, unlike OSPF, there are no "peering" in RIP, it´s only sending routes out, so timers will not have the same effect as it does in other Routing Protocols!
Of course, it´s a good idea to set everybody the same timers (or at least close to it) to avoid routes going occasionally inaccessible for no particular reason!
The default RIP Timers are:
- Update - 30 seconds;
- Invalid - 180 seconds;
- Hold - 180 seconds;
- Flush - 240 seconds.
That means you can get up to 4 minutes to make a route go away! That´s a lot of time! :)
Oh yeah... everytime you change the timers at RIP, you can check it with the "show ip protocol" command! For example:
That set´s the Update to 5 seconds, Invalid to 15, Hold to 15 and Flush to 30! Keep in mind that the HOLD Timer is "Cisco Proprietary" so if they ever ask you to get rid of it, set it´s timer to 0 and you´re good!
Another good one is the "neighbor" command, it changes the routing updates from broadcast to unicast packets. As we don´t have peering with RIP, we do not need to do it on both sides! It´s useful for non-broadcast links such as Frame-relay. Example:
Also, we can use the "passive-interface" command with it, otherwise, the router at the other end of the link will receive the "Unicast" information plus the "Broadcast" information, and that´s kind of odd thing! Just do it, otherwise, if you feel in doubt, just go ahead and ask the proctor for clarification, asking questions to the proctor is always a good thing to do, and keeps you in the safe side!
Offset list, which is an aditive to an metric, like if you receive routes with values 1, 2, 3, and you want that to show up in your rounting table as 4, 5, 6, you simple do an offset list of 3! So it´s going to add it to the routes as it comes in! Unfortunatelly there are no negative values! It´s used with access-list that will actually tells which routes to be affected!
That will take the routes in access-list 21, and add a metric of 10 to the outgoing metric. (to incoming metrics use "offset-list 21 in 10" for example).
The "ip rip triggered" command only works on point-to-point links. It´ll make RIP "behave" more like Link State Protocols. It´ll only send updates something when it actually changes! Enabling it or disabling is pretty straight-forward, and I would actually use it if I was asked in the LAB, no where else!
To enable RIP authentication we use the command "ip rip authentication key-chain <name-of-chain>" it´s done on per interface basis, BUT... for that happen, you need to configure the key-chain first, and maybe some of you have never done that before (I haven´t), not difficult, but, we need to keep somethings in mind, check this example configuration:
interface Fastethernet 0/0
After you can issue a "show key chain" command to check if everything is ok, and apply it to RIP.
Keep in mind to use the accept-lifetime and send-lifetime command under IOS 12.4, otherwise, it´ll not work!
Follows two useful documents regarding RIP Authentication at Cisco´s Website:
The "ip summary-address rip <summary-address>" command is also used on a per interface basis. And guess what it does?! :)
So, to finish, RIP works only on metrics, values of 1 to 15 and if there´s a tie between to routes, the first route advertised wins. There are no external or internal routes, everything is pretty much the same!
Oh yeah! If you issue a "network 0.0.0.0" it´ll add every active IP interface in the RIP Routing proccess!